Low severity3.7NVD Advisory· Published Jun 13, 2025· Updated May 12, 2026
CVE-2025-6052
CVE-2025-6052
Description
A flaw was found in how GLib’s GString manages memory when adding data to strings. If a string is already very large, combining it with more input can cause a hidden overflow in the size calculation. This makes the system think it has enough memory when it doesn’t. As a result, data may be written past the end of the allocated memory, leading to crashes or memory corruption.
Affected products
5- Red Hat/Red Hat Enterprise Linux 10v5cpe:/o:redhat:enterprise_linux:10
- Red Hat/Red Hat Enterprise Linux 6v5cpe:/o:redhat:enterprise_linux:6
- Red Hat/Red Hat Enterprise Linux 7v5cpe:/o:redhat:enterprise_linux:7
- Red Hat/Red Hat Enterprise Linux 8v5cpe:/o:redhat:enterprise_linux:8
- Red Hat/Red Hat Enterprise Linux 9v5cpe:/o:redhat:enterprise_linux:9
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- access.redhat.com/security/cve/CVE-2025-6052nvdThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
- cert-portal.siemens.com/productcert/html/ssa-032379.htmlnvd
News mentions
1- Siemens SIMATICCISA Alerts